Re: Configuration Errors on SSL+Apache 2.2 +mod_jk +Tomcat 5.5

[kohanm <kohan.massoud@xxxxxxxxx>]

I do not have mod_ssl.so under Apache/modules. I downloaded Apache 2.2 the binary version and then the  jk_module  separately.

I read from different sources that I have to install Apache 2.2.* from source than I have to enable mod_ssl  and there is not any separate SSL module for Apache 2.2. am I  right?

MK

 

On 7/21/08, Jorge Medina <jmedina@xxxxxxxxxxxx> wrote:

Depending on your flavor of Linux and how you got Apache, you may already have the mod_ssl module and you may need just to load it.

Check if the file mod_ssl.so already exists on the directory where apache is installed.

 

---

From: kohanm [mailto:kohan.massoud@xxxxxxxxx]
Sent: Friday, July 18, 2008 6:26 PM
To: users@xxxxxxxxxxxxxxxx
Subject: Re: Configuration Errors on SSL+Apache 2.2 +mod_jk +Tomcat 5.5

 

Thanks for your reply:
 

 

Did you enable (LoadModule) the ssl module ?

No, I thought the only thing that I have to do is to modify on httpd.conf :

include  conf/extra/httpd-ssl.conf

 

I have linux binary version so,  do I have to download the ssl_module?  and then

add it  to the   httpd.conf :

LoadModule ssl_module modules/mod_ssl.so

 

 

 

How did you get your certificate and key? Is your public key protected by a password ? If not, you don't need to include the SSLPassPhraseDialog directive.

 

After creating key,csr then sent to Thawte. I got certificate form Thawte and the key and certificate are on the conf file.

I am not sure if the public key is protected by a passowd.

 

Thanks,

MK
 

 

 

 

 

---

From: kohanm [mailto:kohan.massoud@xxxxxxxxx]
Sent: Friday, July 18, 2008 4:35 PM
To: users@xxxxxxxxxxxxxxxx
Subject: Configuration Errors on SSL+Apache 2.2 +mod_jk +Tomcat 5.5

 

Hi,

 

I'am having probem to configure the SSL with the  Apache 2.2 +mod_jk +Tomcat 5.5.

Without SSL implementation the Tomcat 5.5 +Apache2.2 + mod_k works fine.

For implementing the SSL first I take it out the  # from Include ssl:
Include conf/extra/httpd-ssl.conf
and also in the httpd-ssl.conf file I modified these lines:
ServerName  mydomain:443
SSLCertificateFile "/usr/local/apache2/conf/server.crt"
SSLCertificateKeyFile "/usr/local/apache2/conf/sever.key"

 When I run apachectl after running tomcat,  I get these ERRORs:
[Fri Jul 18 13:22:20 2008] [warn] Useless use of AllowOverride in line 114.
Syntax error on line 57 of /usr/local/apache2/conf/extra/httpd-ssl.conf:
Invalid command 'SSLPassPhraseDialog', perhaps misspelled or defined by a module not included in the server configuration

Here the httdf.conf file(short describtion):

Listen  mydomainIP:80
 LoadModule jk_module modules/mod_jk-apache-2.2.4.so

 

<IfModule mod_jk.c>

JkWorkersFile conf/workers.properties
JkLogFile logs/mod_jk.log
JkLogLevel error
JkLogStampFormat "[%a %b %d %H:%M:%S %Y] "
JkOptions +ForwardKeySize +ForwardURICompat -ForwardDirectories
JkRequestLogFormat "%w %V %T"

 

Alias /list  "/usr/local/jakarta-tomcat/webapps/list/"

 <Directory "/usr/local/jakarta-tomcat/webapps/list/">
        Options Indexes +FollowSymLinks
        AllowOverride None
        Allow from all
    </Directory>

 
Alias /example  "/usr/local/jakarta-tomcat/webapps/example/"

 <Directory "/usr/local/jakarta-tomcat/webapps/example/">
        Options Indexes +FollowSymLinks
        AllowOverride None
        Allow from all
    </Directory>

    <Location "/*/WEB-INF/*">
        AllowOverride None
        deny from all
    </Location>

 JkMount  /list/*  example
 JkMount /example/* example

</IfModule>

# Secure (SSL/TLS) connections
Include conf/extra/httpd-ssl.conf

<IfModule ssl_module>
SSLRandomSeed startup builtin
SSLRandomSeed connect builtin
</IfModule>

 

____________________

in the httpd-ssl.conf file the only lines that I changed from default are :

ServerName  mydomain:443
SSLCertificateFile "/usr/local/apache2/conf/server.crt"
SSLCertificateKeyFile "/usr/local/apache2/conf/sever.key"

 

Thanks for your help,

MK
 

--
Massoud

-- 
Massoud